SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionHiroki Matsukuma discovered that the PDF interpreter in Ghostscript did not properly restrict privileged calls when '-dSAFER' restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files.
(CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected ghostscript and / or libgs9 packages.